Fannie Mae worker accused of planting malware timebomb

According to media reports, a federal grand jury in Maryland has indicted a 35-year-old man for planting a malicious script, designed to destroy data on the US financial giant's servers.

Rajendrasinh Babubhai Makwana, worked for three years as a software engineer contractor at Fannie Mae's offices in Maryland, where he is said to have had access to all of the company's 4000 servers.

Makwana, who is an Indian citizen but now lives in Glen Allen, Virginia, is alleged to have embedded destructive code on the server designed to trigger at 9:00 am on January 31st, 2009 wiping out all data across the network by overwriting it with zeroes.

According to documents presented to the court, Fannie Mae terminated Makwana's employment at their 247,000 square foot Urbana Technology Center on October 24th, 2008, and the malicious script was allegedly found the following day. Makwana is accused of writing the code before he left the mortgage company's employment.

"Had this malicious script executed, engineers expect it would have caused millions of dollars of damage and reduced if not shutdown operations at Fannie Mae for at least one week," said FBI agent Jessica Nye in a sworn statement. "The total damage would include cleaning out and restoring all 4,000 servers, restoring and securing the automation of mortgages, and restoring all data that was erased."

According to the prosecution case, anyone trying to log in to the network on January 31st would have received a message saying "Server Graveyard".

If found guilty, Makwana could face a sentence of up to ten years in prison.

Obviously this case is ongoing, and charges have not been proven against Makwana. But imagine what the impact could have been if an attack like this were not intercepted, and had successfully struck a financial institution.

With economies so rocky at the moment anyway and confidence in the financial system amongst the general public badly shaken in recent months, it would be very bad news indeed for any institution to be hit in this way.

As belts tighten and the credit crunch continues to hit around the world, more and more companies will be making the decision to make staff and contractors redundant. As we've written before, a disaffected employee could create havoc inside your organisation so make sure that appropriate security is in place.

You might like

About the author

Graham Cluley runs his own award-winning computer security blog at https://grahamcluley.com, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley